Addressing Mobile Agent Security through Agent Collaboration

The use of agent paradigm in today¡¯s applications is hampered by the security concerns of agents and hosts alike. The agents require the presence of a secure and trusted execution environment; while hosts aim at preventing the execution of potentially malicious code. In general, hosts support the migration of agents through the provision of an agent server and managing the activities of arriving agents on the host. Numerous studies have been conducted to address the security concerns present in the mobile agent paradigm with a strong focus on the theoretical aspect of the problem. Various proposals in Intrusion Detection Systems aim at securing hosts in traditional client-server execution environments. The use of such proposals to address the security of agent hosts is not desirable since migrating agents typically execute on hosts as a separate thread of the agent server process. Agent servers are open to the execution of virtually any migrating agent; thus the intent or tasks of such agents cannot be known a priori. It is also conceivable that migrating agents may wish to hide their intentions from agent servers. In light of these observations, this work attempts to bridge the gap from theory to practice by analyzing the security mechanisms available in Aglet. We lay the foundation for implementation of application specific protocols dotted with access control, secured communication and ability to detect tampering of agent data. As agents exists in a distributed environment, our proposal also introduces a novel security framework to address the security concerns of hosts through collaboration and pattern matching even in the presence of differing views of the system. The introduced framework has been implemented on the Aglet platform and evaluated in terms of accuracy, false positive, and false negative rates along with its performance strain on the system.

Article Statistics

Multiple requests among the same broswer session are counted as one view (or download).
If you mouse over a chart, a box will show the data point's value.

ABOUT THE SOCIETY

Ever since information processing became one of the most important industries in the country, computing professionals have encountered a growing number of challenges.
Along with scholars and colleagues in related fields, they have gathered together at a variety of forums and meetings over the last few decades to share their knowledge and experiences,
and the outcomes of their research. These exchanges led to the founding of the Korea Information Processing Society (KIPS) on January 15, 1993. The KIPS was registered as an incorporated association under the Ministry of Science,
ICT and Future Planning under the government of the Republic of Korea. The main purpose of the KIPS organization is to improve our society by achieving the highest capability possible in the domain of information technology.
As such, it focuses on close collaboration with the nationâs industry, academic, and research communities to foster technological innovation,
to enhance its members' careers, and to promote the advanced information processing industry.